71c78101f7792fe879a082e323fed89c5e4a43132d01d3f79ed02afd8db45497

Resubmissions

18-05-2023 12:01

230518-n6zrpsaf62 10

24-11-2022 09:53

221124-lwmnaafa25 10

Analysis

max time kernel
2832739s
max time network
159s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
24-11-2022 09:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

com.pagnotto28.sellsourcecode.alpha-5-apktada.com.apk
Size

13.6MB
MD5

425ca585e1689771f69c442036192d78
SHA1

3d7e48669307cc962f18de5639ae0697ed950d1e
SHA256

71c78101f7792fe879a082e323fed89c5e4a43132d01d3f79ed02afd8db45497
SHA512

4441be3ac3bf49229ddb771c4418719a60fdee11711265e41442a49f643e7a97c8b1731c786e80c811cd63124996c5787cb7588c06d81ae60a67cf46996925df
SSDEEP

393216:C9wxkH5macX7X52NWdXJq2TNhyWfwcVpMrfum77:C9wxkZqgY5Uvaq7

Score

8^/10

banker ransomware

Malware Config

Signatures

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps). 1 IoCs
banker

Processes:

com.pagnotto28.sellsourcecode.alpha

description ioc process

Framework service call android.content.pm.IPackageManager.getInstalledApplications com.pagnotto28.sellsourcecode.alpha
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.pagnotto28.sellsourcecode.alpha

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.pagnotto28.sellsourcecode.alpha

description	ioc	process
Framework service call	android.content.pm.IPackageManager.getInstalledApplications	com.pagnotto28.sellsourcecode.alpha

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.pagnotto28.sellsourcecode.alpha

com.pagnotto28.sellsourcecode.alpha
1⤵
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
- Uses Crypto APIs (Might try to encrypt user data).
PID:4076

com.pagnotto28.sellsourcecode.alpha:BackgroundService
1⤵
PID:4364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db
Filesize
24KB

MD5
1a1c0cb8ab9d6f29a12c42a489215fba

SHA1
7d323b9166145f27675031b8ec9b14c7d17803f7

SHA256
4e98d70c47e666303361308047f39a4684f64a30c12f8acf970cd63aab555b35

SHA512
243c9a9f622b38b98ff17d6309569abd0844b690f5462892943cdb1999fa11e72c04c52e5fec6b2164049f27dcf6db32b11f470b450e5b32d12382b64bd0b43a

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db-journal
Filesize
524B

MD5
06910be965d3160a23345026b7abcccb

SHA1
9c21f6d3e7b0392b6b6a478295b82656443b559e

SHA256
1b87b878d5a3b407bd28a35b39a506ed8005541fc1a1cc2b86745725136faf06

SHA512
3a8c1cb5dc0ee80bcc7ba6aebcc39f9d03f833ec5d2e173ba56171f642396f029d6a94a521f5a922f42f154159d303c55db7aefaa8b1aaaa7695e6ceee86fc16

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/databases/dbytes.db-wal
Filesize
40KB

MD5
551d5a1e58a7c627f7faad3a6615afb5

SHA1
498a6cff6a94377879bd3ddaf5a4f49dd1e3938f

SHA256
b538f0acc769d2e90e7e6bffdd161cca482a0ce33589ebb4f84c7837c099a8ef

SHA512
2ec6de0942a1f89092908943e06c899185cd743147b48cffabee332d287f36b8f12f0398bce0ca5110af4f1fda797e87d4620d22a35f55d3e45f2c9aa5b2caaa

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb
Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb-journal
Filesize
524B

MD5
6599c14205f56796af0f1c7665820a9e

SHA1
d8a687f5cbfa87d4d99d484b0f2e19f9d9c1230b

SHA256
c258e10041af37579af8dcca47b8d27513b286d8d8a614625710516b40e5fedd

SHA512
156d70c2116aeb3a9dedd21e2e49317c39bb3890f2569b9c1e7bce9fdf633854d483e07db44bc7320102c2a9329702adff30f2671422b1c25562c924c7c0c07a

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb-shm
Filesize
8B

MD5
7dea362b3fac8e00956a4952a3d4f474

SHA1
05fe405753166f125559e7c9ac558654f107c7e9

SHA256
af5570f5a1810b7af78caf4bc70a660f0df51e42baf91d4de5b2328de0e83dfc

SHA512
1b7409ccf0d5a34d3a77eaabfa9fe27427655be9297127ee9522aa1bf4046d4f945983678169cb1a7348edcac47ef0d9e2c924130e5bcc5f0d94937852c42f1b

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/no_backup/androidx.work.workdb-wal
Filesize
108KB

MD5
c21d6e9112e8d5f731fcb4d274cc232b

SHA1
ce4fc01872ba206ea2b417fd244f6aed71e1c26f

SHA256
85771eaa23713b4938e9f371578d8c2832c872d8e3137f590b7996fe44cba580

SHA512
35cf9c8617dcb9a22919cab35cda36cb96ebd3da0c419791aee69e7d8df995cd67c582426509f19c9d4b087af2db7ecac12dc1556c93c305b4bda960b3b7d798

Download Submit
/data/user/0/com.pagnotto28.sellsourcecode.alpha/shared_prefs/com.pagnotto28.sellsourcecode.alpha_preferences.xml
Filesize
129B

MD5
3708023b502adf2310dae429c9af6a13

SHA1
92266bb17c6b56c9b64a77b775a1eb42c5d3ff51

SHA256
59b76950905272237aea40bc4593893a25a412073dc0e2510b01af90c30e7817

SHA512
083baf9a34158c7a26a0e3003937d71372b464c1dc52c6284a88b9c7723fbe689b11f24a57f5ff8586db947dbdc5fb1c95fafa20b1cad8847d73d24fcdff9335

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads